[Samba] to shares access from non-member clients/nodes
peljasz at yahoo.co.uk
Fri Aug 30 18:13:33 UTC 2019
On 30/08/2019 17:25, Rowland penny via samba wrote:
> On 30/08/2019 17:12, lejeczek via samba wrote:
>> hi guys,
>> with Samba as below
>> workgroup = NNNR
>> netbios name = PA2
>> realm = PRIVATE.REALM.MINE
>> kerberos method = dedicated keytab
>> dedicated keytab file = /etc/samba/samba.keytab
>> create krb5 conf = no
>> security = user
>> domain master = yes
>> domain logons = yes
>> Should nodes/clients outside of domain (non-members) be
>> able to access
>> (with user+pass) Samba shares?
>> many thanks, L.
> 99% of that smb.conf is for a Unix Domain member, but
> 'security = user' should be 'security = ADS' and it
> wouldn't be a PDC (domain master = yes) because it is
> using kerberos.
> There are also no auth lines that are required for a Unix
> domain member.
> To put it another way, that is a borked smb.conf.
> If you just want a standalone server, see here:
> If you want something else, please explain just what you
> are trying to achieve.
Yes, it's a unix domain for it's a "regular" FreeIPA's
Samba. Out of box this, I think, only does windows when
trusted to an AD and from there, from/via AD win clients work.
But I was hoping that outside of kerberos/domain clients(win
10), perhaps with user+pass could be mangled into such
many thanks, L.
More information about the samba